Friday, May 24, 2019

Network security threats Essay

The purpose of this memo is to let you know the importance of network security. Here I will discuss the network security threats, laws that affect network security, and processes and procedures for disaster recovery, data backup, and data restoration, along with future protection plans.

Network security threats can be defined as any method used to try to breach the security of a network or system (Tulloch 2003). The goal of network security is to sustain and defend three critical properties of information, which are confidentiality, integrity and availability. These threats originate from a variety of sources, both external and internal. External threats are structured threats from malicious individuals or organizations and unstructured threats from inexperienced attackers such as script kiddies. Internal threats are threats from disgruntled employees or contractors.

Various network security threats exist. Some of the threats are Firewall and System Probing, Network File Systems (NFS) Application Attacks, Vendor Default Password Attacks, Denial of Service (DoS) Attacks, Social Engineering Attacks, Electronic Mail Attacks, Spoofing, Sniffing, Fragmentation and Splicing Attacks, Easy-To-Guess Password Compromise, Destructive Computer Viruses, Prefix Scanning, Trojan Horses and Reconnaissance Attacks. The top three security threats to a network are discussed in the paragraphs below.

Disgruntled Employees

This is the most common network security threat. Disgruntled employees, who are the group most familiar with their employer's computers and applications, including knowing what actions might cause the most damage, can create both mischief and sabotage on a computer system.
Disgruntled current employees actually cause more damage than former employees do. According to Parmar, the common examples of computer-related employee sabotage are entering data incorrectly, changing and deleting data, destroying data or programs with logic bombs, crashing systems, holding data hostage and destroying hardware or facilities.

Denial of Service (DoS) Attacks

According to Tulloch (2003), DoS is a type of attack that tries to prevent legitimate users from accessing network services. In this type of threat, the attacker tries to prevent access to a system or network by several possible means. Some of these are: flooding the network with so much traffic that traffic from legitimate clients is overwhelmed; flooding the network with so many requests for a network service that the host providing the service cannot receive similar requests from legitimate clients; and disrupting communications between hosts and legitimate clients by various means, including alteration of system configuration information or even physical destruction of network servers and components (Tulloch 2003).

Malicious Code and Electronic Mail Attacks

According to Parmar, malicious code refers to viruses, worms, Trojan horses, logic bombs, and uninvited software. Electronic mail attacks are e-mails that hackers send to compromise network systems; companies that accept such e-mail from the Internet and run exposed versions of the sendmail program are potential targets of this attack.

NETWORK SECURITY LAWS

As such, no laws exist specifically for network security. However, some of the acts that are applicable to network security threats are discussed in the paragraphs below.

Privacy Act of 1974

The concept of information privacy has been one of the most critical issues and is taken into serious consideration. Imagine a world without information privacy. The lack of information privacy creates a breeding ground for technological sharing and distribution.
The Privacy Act of 1974, passed by the United States Congress, states that "No agency shall disclose any record, which is contained in a system of records by any means of communication to any person, or to another agency, except pursuant to a written request by, or with the prior written consent of, the individual to whom the record pertains" (Privacy Act of 1974, 88 Stat. 1897).

CFAA: Computer Fraud and Abuse Act

According to Robinson (2003), the current United States law of information security is the Computer Fraud and Abuse Act (18 U.S.C.). It was originally enacted solely as a computer crime statute, but in its present form it imposes both civil and criminal liability for a wide variety of acts that compromise the security of public and private sector computer systems.

DMCA: The Digital Millennium Copyright Act

The Digital Millennium Copyright Act (17 U.S.C.) provides that no person shall circumvent a technological measure that effectively controls access to a work protected under this title (the Copyright Law) (Robinson, 2003).

Other laws (acts), such as the Wiretap Act, the Stored Communications Act, and the Computer Security Act, are also applicable to network security threats.

PROCESS AND PROCEDURES FOR NETWORK SECURITY

The three important techniques used by companies to protect their networks are firewalls, encryption and VPN, which are discussed below.

Firewalls

Firewalls are used to control access between networks. They separate intranets and extranets from the Internet so that only employees and authorized business partners can access them. Firewalls are implemented by packet filtering to block illegal traffic, which is defined by the security policy, or by using a proxy server, which acts as an intermediary.

Encryption

To protect against sniffing, messages can be encrypted before being sent (over the Internet).
In general, two classes of encryption methods are used today: secret key encryption (DES) and public key encryption (RSA; a public and a private key are needed). Public key encryption is incorporated into all major Web browsers and is the basis for Secure Sockets Layer (SSL).

Virtual Private Networks (VPN)

A VPN maintains data security as it is transmitted by using tunneling and encryption. Tunneling creates a temporary connection between a remote computer and the local network. Tunneling blocks access to anyone trying to intercept messages sent over that link. Encryption scrambles the message before it is sent and decodes it at the receiving end.

Another important area for companies is implementing a security policy and disaster recovery and business continuity plans, which are discussed in the paragraphs below.

Security Policy

A security policy is defined as the rules, directives and practices that regulate how assets, including sensitive information, are managed, protected and distributed within an organization. Every organization should define and document a security policy that defines the limits of acceptable behavior and how the organization will respond to violations of such behavior. The security policy should be concise, to the point, easy to understand and widely publicized in the organization. The security policy implemented should ensure compliance with all laws. The security policy should be reviewed periodically to respond to changes in technology or circumstances. There should be restrictions on playing computer games on corporate computers and on visiting non-productive web sites using the corporate network.
In addition, employees should be monitored for compliance with prohibitions against taking copies of certain corporate electronic documents out of the office, using pirated software, and using corporate e-mail accounts for sending personal e-mail.

Proper Documentation for Disaster Recovery and Business Continuity

There are various types of vulnerabilities associated with computer-based information systems. Organizations are now more dependent upon their computer systems, and therefore the survival of the business depends very much on the security of these systems. Initially (a few years back), physical disasters such as floods, hurricanes, and fires were the most probable security risks. Nowadays, computer operations are also liable to loss or damage from hackers, computer viruses, industrial spies and similar causes which until recently were in the realms of science fiction.

The terrorist attacks on September 11, 2001, showed that there is a big difference between disaster recovery and business continuity. In the past, disaster recovery meant getting computers and networks up and running after a hurricane, flood, fire, or other disaster. However, September 11 taught a broader issue: getting the business up and running. According to McNurlin & Sprague (2006), business continuity broadens the discussion to include: safeguarding people during a disaster; documenting business procedures so that they are not dependent upon a single employee; giving employees the tools and space to handle personal issues first so that they can then concentrate on work; alternate workspace for people and backup IT sites that are not too close but not too far away; up-to-date evacuation plans that everyone knows and has practiced; backed-up laptops and departmental servers; and helping people cope with a disaster by having easily accessible phone lists, e-mail lists and instant-messenger lists so people can communicate with loved ones and colleagues.
CONCLUSIONS

The goal of network security is to sustain and defend three critical properties of information, which are confidentiality, integrity and availability. The most common threats to network security come from disgruntled employees, DoS attacks and malicious code attacks. All these threats try to breach the security of a network or system. Various information security and privacy laws exist, which must be followed by companies while installing and managing their computer networks. Various techniques such as firewalls, encryption and VPN are used for securing the network. In addition, security policies and disaster recovery and business continuity plans are implemented for securing the network.

FUTURE ACTION

Below are some methods for securing the network from the top three security threats to a network.

Threats from disgruntled employees can be limited by having the network (system) administrator invalidate passwords and delete system accounts in a timely manner.

According to Tulloch (2003), defenses against DoS attacks include: disabling unneeded network services to limit the attack surface of the company's network; enabling disk quotas for all accounts, including those used by network services; implementing filtering on routers and patching operating systems to reduce exposure to SYN flooding; base-lining normal network usage to help identify such attacks in order to quickly defeat them; and regularly backing up system configuration information and ensuring strong password policies.

To prevent malicious code attacks from occurring, regular checks with vendors are necessary to ensure systems are running a correct version of sendmail or some more secure mail product.

Network security through software and hardware can be implemented by: modular and cheaper workgroup firewalls; host-based and network-based intrusion detection systems; active security by providing automated responses to agents; centralized management; content filtering; acceptance of PKI; and token, smartcard or biometric based access solutions.

Some basic protection tips for computers (in the network) that should be provided to all staff in the organization are: always use anti-virus software; download security updates and patches regularly and update computer systems; do not check or transfer e-mails and attachments from unknown sources; back up your data regularly; use a firewall; and do not share access to your computer hard drives in the network.

Attachments

REFERENCES

Tulloch, M. 2003, Microsoft Encyclopedia of Security, Microsoft Press, Washington, United States of America.

Parmar, S. K. & CST, N. Cowichan Duncan RCMP Det (cmpl), An Introduction to Security Manual.

McNurlin, B. C. & Sprague, R. H. 2006, Information Systems Management in Practice, 7th ed., Pearson Education, New Jersey.

United States Congress, Privacy Act of 1974, Public Law No. 93-579, 88 Stat. 1897 (Dec. 31, 1974).

CERT Training and Education, Software Engineering Institute (2006), Information Security for Technical Staff, Student Handbook, Carnegie Mellon University, United States.

Robinson, S. 2003, U.S. Information Security Law, accessed on October 20, 2007 from .
